“On September 7th the Jungle Testnet by CryptoLions went down due to abuse on their faucet. The abuser redeemed a massive quantity of ‘Jungle EOS’ and used them to vote in bad producers.”
The attacker created over 7500 accounts and then flooded the testnet with 6 billion tokens. This gave the attacker the ability to unilaterally elect inactive block producers, while the true block producers were rendered unable to continue validating the blockchain.
The testnet was restored on September 8th after the block producers voted to shut down the nodes and restore a backup of the blockchain.
Mainnet Is Not At Risk
Since the attack occurred on the testnet, the event was fairly harmless and didn’t affect the mainnet. Testnet tokens are dispensed from a faucet and are not actually worth anything, so EOS users should not be affected.
In some ways, testnets are made to be broken—the Jungle Testnet is mainly used to stress test the capacities of EOS. However, this attack seems not to have been a deliberate test.
Although the attack on the testnet was ultimately harmless, a similar attack could occur on the mainnet. A deleted post from Attic Lab suggests that it is possible to attack the EOS mainnet in the same way, although doing so would cost over $6 billion.
EOS runs on a DPoS consensus mechanism, which means that token holders elect block producers. EOS requires two-thirds of its elected block producers to agree to override the progress of the blockchain, as explained here:
“So what happens in the event of a fork caused by negligence or malicious intent? All the nodes will, by default, not switch to a fork which doesn’t include any blocks not finalized by 15/21 producers. This will stand true regardless of chain length. Each block must gain a 15/21 approval to be considered a part of the chain.”
In other words, the elected block producers are held accountable: a corrupt block producer can be overruled by other block producers, and it is assumed that the community could elect new block producers if several block producers conspired to exploit the network.
Since block producers collectively have direct control over the blockchain, the DPoS consensus model does not give the community a chance to collectively or directly control block production. This prevents the majority attacks that malicious stakers and miners are able to perform on other blockchains once they gain control of 51% of the network.
The Jungle Testnet attack, however, was performed by a malicious staker, not a malicious block producer. This shows that it is possible to attack a DPoS blockchain at a low level: the attacker essentially deposed all of the elected block producers by buying out the entire network. (However, the original block producers seemed to retain enough control to reverse this.)
At a cost of $6 billion, such an attack on the EOS mainnet would cost substantially more than majority attacks on other cryptocurrencies. However, it’s not clear how much it would cost to attack smaller DPoS networks, such as ARK or Lisk, in this way.
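The staker-side risk described above can be expressed as a margin that operators monitor. The following is an added example, not code from EOS or the Jungle Testnet: it models stake-weighted approval voting for a 21-seat schedule and computes how much stake a single voter needs before honest producers fall below the 15/21 finality quorum. The 30-approval limit, the function names and the sample tallies are assumptions made for illustration.

```python
SEATS = 21          # active producer slots, from the 15/21 rule quoted above
FINALITY = 15       # approvals a block needs to become final
MAX_APPROVALS = 30  # assumption: one staker can approve up to 30 candidates


def elect(tallies, seats=SEATS):
    """Top `seats` candidates by stake-weighted votes (ties broken by name)."""
    ranked = sorted(tallies.items(), key=lambda kv: (-kv[1], kv[0]))
    return [name for name, _ in ranked[:seats]]


def stake_to_seize(tallies, k, seats=SEATS):
    """Stake that guarantees one voter k seats, however ties are broken.

    The voter approves k candidates of its own, so each receives the voter's
    full stake and must outrank the incumbent currently ranked seats-k+1.
    """
    if not 1 <= k <= min(seats, MAX_APPROVALS):
        raise ValueError("k must fit in the schedule and the approval limit")
    ranked = sorted(tallies.values(), reverse=True)
    if len(ranked) <= seats - k:
        return 1  # enough empty seats: any positive stake wins them
    return ranked[seats - k] + 1


def margins(tallies):
    """Stake thresholds a monitor would compare against faucet or whale balances."""
    return {
        "stall_finality": stake_to_seize(tallies, SEATS - FINALITY + 1),
        "control_finality": stake_to_seize(tallies, FINALITY),
        "full_schedule": stake_to_seize(tallies, SEATS),
    }


def seats_won(tallies, stake, k):
    """Re-run the election with k hypothetical candidates backed by `stake`."""
    merged = dict(tallies)
    merged.update({f"newcomer{i:02d}": stake for i in range(k)})
    return sum(name.startswith("newcomer") for name in elect(merged))


# Constructed tallies: 25 incumbents holding 1000, 990, ..., 760 votes.
SAMPLE = {f"bp{i:02d}": 1000 - 10 * i for i in range(25)}

if __name__ == "__main__":
    print(margins(SAMPLE))
    print(seats_won(SAMPLE, 861, 7), "of", SEATS, "seats")
```

A faucet or single account whose balance approaches the `stall_finality` figure is the condition to alert on, since seven seats held by inactive producers are enough to stop blocks from reaching 15/21.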